29 Aug
2005
29 Aug
'05
3:45 p.m.
On Mon, Aug 29, 2005 at 11:34:24PM +0800, Mark Quitoriano enlightened us:
Im using postfix+postfixadmin+mysql+courier-imap
i just implemented pop-before-smtp[1], my problem is after recieving the mails i connect to the server using telnet and try to send spam using the mail server it did send it didn't ask for authentication anymore. i'm not sure how this pop-before-smtp really works but i was thinking how should i secure the server in this kind of attacks.
Generally speaking, pop-before-smtp was (and is) a big hack. The right answer is to set up SMTP-Auth.
Matt
--
Matt Hyclak
Department of Mathematics
Department of Social Work
Ohio University
(740) 593-1263